Globally aligned legislation to protect children online

GLOBAL THREAT ASSESSMENT 2023

Globally aligned internet regulation has significant potential to boost the response to child sexual exploitation and abuse online, by incentivising consistent action from platforms to tackle harm. Voluntary collaboration will remain critical to enable responsiveness and drive innovation.

As new technology advancements continue to emerge, there is a clear need for legislation that is technology neutral – i.e., legislation that does not discriminate against or encourage particular technologies.

This would allow governments and regulators to adapt to new technology, helping tackle new and emerging threats while encouraging  innovation. 

Despite its transformative potential, internet regulation is just one component of the legislative response to child sexual exploitation and abuse online. The Council of Europe Convention on the Protection of Children Against Sexual Exploitation and Sexual Abuse (also known as the Lanzarote Convention)  includes important provisions addressing child sexual exploitation and abuse online but is yet to be ratified and implemented in all UN Member States. Its ratification is an important first step for governments, and an enabler for greater global alignment of all relevant laws.

“While we know exactly where to go in case of violence in the street or at home, we are at a complete loss when it comes to reporting any kind of violence that happens in a virtual environment.”

Noa, 18 years old, Microsoft Digital for Good Youth Council

New and upcoming legislation

We are at a turning moment in the global response to child sexual exploitation and abuse online, with many legislation coming into action and others being discussed and proposed, all over the world.

The past decade has seen a shift from the era of insufficient self-regulation to an age of increasing legislative initiatives and regulation around the world. 

Since 2021 Australia, the European Union, Ireland, Nigeria, the Philippines, Singapore, and the US state of California have joined Fiji, France, Germany, New Zealand, and others in enacting or introducing new forms of online safety regulation. 

At the time of writing, various laws are also proposed including: 

“Young people need all those working in the field of child protection to urge states to enact laws to hold criminals accountable in cases of sexual exploitation of children via the Internet, such as a Child Rights Act.”

Ruwaida, 16 years old, Youth Participant, Democracy School Yemen  

Global alignment of internet regulation 

As globally new online safety legislations are coming into effect, the next challenge is to ensure that all these laws, being developed in different countries, are globally aligned.

We need global alignment across regulatory regimes to:

  • stop offenders from benefitting from legal loopholes and avoiding penalisation
  • help tech companies report, remove and block abuse content more efficiently, reducing duplication.

This is key to realising the transformative potential of regulation.

UNICEF’s ‘Legislating for the Digital Age’ report includes the minimum recommended standards for businesses and other organisations, couched within a more comprehensive set of guidelines to support legislative alignment on everything from offence definitions through to investigative and survivor support provisions.

Safety tech’s role in regulation (RegTech) 

Safety technology companies are necessary to develop the necessary technologies to implement legislation and, therefore, harness the transformative potential of internet regulation.

As the number of regulations globally is increasing, so is the number of safety tech providers. On a global scale, over 350 safety tech providers were operating in 2022. Innovation has led to new safety tech solutions.

As more and more people access the Internet via their mobile phone, there is a need for device-level safety tech solutions.

According to parents and guardians surveyed by Economist Impact in Latin America and Sub-Saharan Africa, 55% of children have access to the internet through a personal mobile device. Data point to the need for device-level safety tech solutions.

The safety technology sector still has clear gaps, which urgently need to be addressed to ensure the sector develops the appropriate tool to support new legislation. One of these gaps, is that technology solutions are generally trained on English datasets, and not for language-specific vocabulary or cultural and regional differences

Salus

SafeToNet’s new device-level safety application.

The app monitors network traffic and images viewed on the user’s screen in real-time, blocking sexual images of children if detected.

One of the gaps is that solutions are generally trained on English datasets, and not for language-specific vocabulary or cultural and regional differences.


Online Safety Data Initiative

Convened by the UK’s Centre for Data Ethics and Innovation, the Online Safety Data Initiative brings together online safety tech suppliers and government, academic, and civil society stakeholders to drive innovation, helping companies develop world-class safety tools that identify and remove harmful online content through greater access to ethical data sources.

Regulation & end-to-end encryption (E2EE)

NCMEC anticipates that with the widespread adoption of E2EE, the number of reports of suspected child sexual abuse from larger platforms (of which five accounted for 93% of all reports in 2022) will decrease by almost 80%. It is technically possible to detect child sexual exploitation and abuse in E2EE environments in a privacy- and security-preserving way. Proposed solutions include: 

  • Client-side scanning, which involves scanning messages on devices for matches or similarities to a database of illegal child sexual abuse material before the message is encrypted and sent. 
  • Homomorphic encryption. This is the use of a different type of encryption which allows operations to be performed without data decryption at any point. 
  • Intermediate secure enclaves, which decrypt the message at the server level by a third party and use tools to detect child sexual abuse materials.